Computer Science > Cryptography and Security

Abstract: We propose PiNcH, a methodology to detect the presence of a drone and its
current status leveraging just the communication traffic exchanged between the
drone and its Remote Controller (RC). PiNcH is built applying standard
classification algorithms to the eavesdropped traffic, analyzing features such
as packets inter-arrival time and size. PiNcH does not require either any
special hardware or to transmit any signal. Indeed, it is fully passive and it
resorts to cheap and general purpose hardware. To evaluate the effectiveness of
our solution, we collected real communication measurements from the 3DR SOLO
drone, being the most popular open-source hardware, running the widespread
ArduCopter open-source firmware, mounted on-board on a wide range of commercial
amateur drones. Then, we test our solution against different publicly available
wireless traces. The results prove that PiNcH can efficiently and effectively:
(i) identify the presence of the drone in several heterogeneous scenarios; (ii)
identify the current state of a powered-on drone, i.e., flying or lying on the
ground; (iii) discriminate the movement of the drone; and, finally, (iv)
estimate a lower bound on the time required to identify a drone with the
requested level of assurance. The quality and viability of our solution do
prove that network traffic analysis can be successfully adopted for drone
identification and pave the way for future research in the area.